What is in your Infosec Calendar?
Lately, I have been toying with the idea of creating an "infosec calendar" with activities to perform regularly. The calendar would be more targeted at home users and enthusiasts, certainly not at enterprises, but they may develop their own based on some of these ideas.
There are some of the items that I am considering, and well PLEASE suggest yours:
Restart your browser at least once a day
Some systems may not be stable enough for this to matter, but I find that if you keep your browser open all the time (as many of us do by default), and never close it, browser updates do not get applied. Chrome has a useful indicator warning, but not everybody "sees" it. So I make it a habit to restart my browser in the morning.
Reboot your system once a week
Same idea: Patches will often require a restart of the particular software patched. As you may have dozens of programs patched each week, it is easier to just reboot the system.
Microsoft Patch Tuesday
I am not a big Windows user, so this one applies less to me, but having a calendar reminder on the Wednesday after patch Tuesday to make sure that the patch Tuesday updates are applied makes some sense. Maybe reschedule your weekly reboot for Thursday?
Monthly Backup Check
For my desktops/laptops, I currently run 3 backups (Incremental Timemachine, Daily full clone with Carbon Copy Cloner, and a cloud-based "off-site" solution). But they sometimes fail; worse, they can either fail silently or notify you of a failure while you are busy with something else, so you click them away and forget about it. At the very least, check once a month that your backups are happening. Better restore a file once a month. Maybe a quarterly or annual "restore a system from scratch" test (which is time-consuming).
Monthly Router/Switch/IoT Update check
Many network devices have no robust way to notify you of updates. Often, you need to manually check the current firmware version and compare it (again: manually) to the latest firmware available from the manufacturer. I scripted these checks in the past, but these scripts are a pain to maintain. So it is probably a good idea to check manually once a month. This includes, first of all, your firewall/router, but also other network devices and certainly IoT devices (cameras, microwave oven...)
Monthly failover checks
This is a generic item and may not apply to everybody. But if you have a secondary internet connection or even a UPS for power backup, test them once a month to ensure they work. Note: Try to avoid testing a UPS by unplugging it. This can cause issues as you remove the ground connection. For a power outage, the ground connection remains. If your home disaster recovery plan is to work from a remote location: Simulate it by tethering from a cell phone and make sure things like VPNs and such connect.
So what else is on your calendar?
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
Comments
Anonymous
Oct 7th 2022
2 years ago
Anonymous
Oct 7th 2022
2 years ago
Each month, check if you have been affected by any recent Internet services or Vendor breaches that may have affected your accounts. Core reference would be https://haveibeenpwned.com
If breach identified update the associated password, or if the account is no longer being used, delete it.
Also maintain your Admin accounts, consider updating the passwords on a 3 month or 6 month interval. Considerations include: Website Administration, Office Desktop/Laptop administration user, Home office router, Google Workspace Admin, M365, etc..
Anonymous
Oct 7th 2022
2 years ago
Frederick
Oct 8th 2022
2 years ago